Privileged Access Management (PAM) Lead – CyberArk

Location: Lutz/Tampa, FL (Hybrid – 4 days onsite / 1 remote)
Contract: Contract-to-Hire | Expected conversion within 4–6 months
Eligibility: Must be USC or GC eligible for conversion
Pay Rate: $70/Hr

Seeking a hands-on Privileged Access Management (PAM) Lead with deep expertise in CyberArk to lead and mature enterprise PAM capabilities across both IT and Operational Technology (OT/SCADA) environments. This role will serve as the technical lead and subject matter expert for CyberArk platform administration, privileged credential governance, least privilege enforcement, and privileged access lifecycle management.

The ideal candidate brings strong experience designing and operating enterprise PAM programs, onboarding privileged accounts, integrating CyberArk with enterprise platforms, and supporting regulatory/audit requirements in highly regulated environments.

Key Responsibilities

• Lead administration, engineering, and operational ownership of the CyberArk PAM platform
• Design and manage:
  • Privileged account onboarding and lifecycle management
  • Password vaulting and credential rotation
  • Session monitoring and privileged session management
  • Least privilege and Just-in-Time (JIT) access models
  • Privileged access review and attestation processes
• Configure and support:
  • CyberArk CPM
  • PSM
  • Privileged Vault
  • EPM
• Onboard enterprise systems, applications, servers, databases, and network devices into CyberArk
• Integrate CyberArk with:
  • Microsoft Entra ID / Azure AD
  • ServiceNow
  • Windows/Linux platforms
  • SAP and enterprise applications
• Support PAM controls across OT/ICS/SCADA environments including operational servers, engineering workstations, and infrastructure devices
• Develop governance controls around shared, service, and emergency privileged accounts
• Support SOX, audit, and regulatory evidence requests related to privileged access
• Create operational documentation, standards, runbooks, and support procedures
• Partner with IAM, Infrastructure, Security, Compliance, Risk, and OT teams on enterprise PAM strategy and implementation
• Drive PAM maturity initiatives focused on reducing standing access and improving privileged credential security

Required Qualifications

• 5–8+ years of Cyber Security, IAM, or PAM engineering experience
• Strong hands-on experience with CyberArk administration and engineering
• Experience with:
  • Privileged account governance
  • Privileged access reviews
  • Credential rotation
  • Session management
  • PAM onboarding and integrations
• Knowledge of:
  • Least privilege principles
  • Identity and Access Management (IAM)
  • Microsoft Entra ID / Azure AD
  • Enterprise authentication and access governance
• Experience supporting enterprise-scale PAM environments
• Strong troubleshooting, documentation, and stakeholder communication skills

Preferred Qualifications

• CyberArk Defender or Sentry certifications
• CISSP, CISM, CISA, CRISC, or related security certifications
• Experience supporting OT/ICS/SCADA or critical infrastructure environments
• Familiarity with NERC CIP compliance requirements
• Utility, energy, or highly regulated industry experience
• Experience integrating CyberArk with ServiceNow and enterprise automation workflows

Environment & Technology

• CyberArk PAM
• CPM / PSM / Vault / EPM
• Microsoft Entra ID / Azure AD
• ServiceNow
• Windows & Linux
• OT/SCADA environments
• IAM & enterprise security platforms
• SOX / NERC CIP governance frameworks